package cn.edu.pzhu.javaweb.controller;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import cn.edu.pzhu.javaweb.pojo.Result;
import cn.edu.pzhu.javaweb.pojo.User;
import cn.edu.pzhu.javaweb.service.UserService;
import cn.edu.pzhu.javaweb.service.imp.UserServiceImp;

/**
 * Servlet implementation class ChangePasswordServlet
 */
@WebServlet("/changepwd")
public class ChangePasswordServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
    private UserService userService = new UserServiceImp();
    
    /**
     * @see HttpServlet#HttpServlet()
     */
    public ChangePasswordServlet() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// 显示修改密码页面
		request.getRequestDispatcher("changepwd.jsp").forward(request, response);
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html;charset=utf-8");
		
		// 获取当前登录用户名
		HttpSession session = request.getSession();
		String username = (String) session.getAttribute("username");
		
		// 获取表单提交的密码数据
		String oldPassword = request.getParameter("oldPassword");
		String newPassword = request.getParameter("newPassword");
		String confirmPassword = request.getParameter("confirmPassword");
		
		// 数据验证
		if (oldPassword == null || oldPassword.isEmpty() || newPassword == null || newPassword.isEmpty()
		        || confirmPassword == null || confirmPassword.isEmpty()) {
		    response.getWriter().print("<script>alert('密码信息不完整!');location.href='changepwd';</script>");
		    return;
		}
		
		// 验证两次输入的新密码是否一致
		if (!newPassword.equals(confirmPassword)) {
		    response.getWriter().print("<script>alert('两次输入的新密码不一致!');location.href='changepwd';</script>");
		    return;
		}
		
		// 先验证旧密码是否正确
		User checkUser = new User(username, oldPassword, null);
		Result<String> checkResult = userService.login(checkUser);
		
		if (checkResult.getCode() != 200) {
		    // 旧密码不正确
		    response.getWriter().print("<script>alert('原密码不正确!');location.href='changepwd';</script>");
		    return;
		}
		
		// 修改密码
		User updateUser = new User(username, newPassword, 1);
		Result<String> updateResult = userService.updatePassword(updateUser);
		
		if (updateResult.getCode() == 200) {
		    // 密码修改成功，跳转到登录页面重新登录
		    session.invalidate(); // 使当前会话失效
		    response.getWriter().print("<script>alert('密码修改成功，请重新登录!');location.href='login.jsp';</script>");
		} else {
		    // 密码修改失败
		    response.getWriter().print("<script>alert('密码修改失败: " + updateResult.getMessage() + "');location.href='changepwd';</script>");
		}
	}

}